members
[0x0v1] Newsletter | Avoid WhatToExpect pregnancy app, if you care about your privacy & security
There's snow outside today as winter closes in, and it's feeling pretty cozy. I'm sitting here with a coffee, starting to write some proposals…
REprivacy
members
RE:privacy | Critical vulnerabilities & privacy concerns in WhatToExpect fertility app
A high level summary of this issue is provided below. A deep technical breakdown of the vulnerabilities is provided later on to supporters of my work.
Executive Summary
This research…
Journal
members
Android Network Emulator Bypassing for high security apps - Cashapp, Revolut, Banking, Healthcare, Government etc.
Learn to bypass emulator detection in high-security Android apps using network techniques like SSL unpinning, IP spoofing, and request modification. This guide offers practical methods for intercepting traffic and making emulators look like real devices.…
Journal
members
Advanced Android Emulator Bypass Techniques for High-Security Apps: CashApp, Revolut, Healthcare & More
Introduction
Apps handling our most sensitive data—whether managing financial transactions in CashApp, Revolut, or other banking platforms, or safeguarding personal records in healthcare applications—often employ robust emulation detection…
Research
members
UCID902: Uncovering nation state watering hole credential harvesting campaigns targeting human rights activists by APT threat group UCID902 (2023)
This is a repost of some critical research I performed back in 2023 that was originally hosted on Interlab's website. Since Interlab has been abandoned by it'…
Research
members
Security and privacy analysis: MDM applications (국방모바일보안) for South Korean Military personnel (2023)
This is a repost of some critical research I performed back in 2023 that was originally hosted on Interlab's website. Since Interlab has been abandoned by it'…
Research
members
RambleOn Android Spyware (December 2022)
This is a repost of some critical research I performed back in 2022 that was originally hosted on Interlab's website. Since Interlab has been abandoned by it'…
Research
members
Account Takeover via browsable intent filter in Android app
Mobile app security is an interesting field; since app sandbox restrictions are very good, finding security issues can be extremely hard. Once you start delving into applications more and more,…